If you are familiar with writing or porting network applications, you
may notice that most of the NIS maps listed previously correspond to library
functions in the C library. For instance, to obtain passwd
information, you generally use the getpwnam and
getpwuid functions, which return the account information
associated with the given username or numerical user ID, respectively.
Under normal circumstances, these functions perform the requested
lookup on the standard file, such as /etc/passwd.

An NIS-aware implementation of these functions, however, modifies this
behavior and places an RPC call to the NIS server, which looks up the username
or user ID. This happens transparently to the application. The function may
treat the NIS data as though it has been appended to the original
passwd file so both sets of information are available
to the application and used, or as though it has completely replaced it so
that the information in the local passwd is ignored
and only the NIS data is used.

For traditional NIS implementations, there were certain conventions for
which maps were replaced and which were appended to the original information.
Some, like the passwd maps, required kludgy modifications
of the passwd file which, when done incorrectly, would
open up security holes. To avoid these pitfalls, NYS and the GNU libc use a
general configuration scheme that determines whether a particular set of
client functions uses the original files, NIS, or NIS+, and in which order.
This scheme will be described later in this chapter.